Signing a JAR using a certificate

Here is the problem: I've a certificate file, say name is: mycert.crt. I've a JAR applet named myapplet.jar. I need to sign the applet so that it runs on a website. I know the private key and public key of the certificate. I tried to import it using the keytool:

Then I tried to sign the jar file using the following:

When I verify it, it says the JAR is signed.

However, when I try to run it I get the error message: The jar is signed but the application's digital signature is invalid (not exact wording).

I've an already signed jar that works fine but the one I try to sign does not work. Any solution? [ May 31, 2006: Message edited by: Tokai Moshai ]

Jeff Osborn

Greenhorn

Posts: 8

posted 10 years ago

This can be a nightmare.

These steps take you through all that you will need to do to create a key store, a self signed certificate, export the certificate and then sign the jar

Note: Assumes java is installed at C:\j2sdk1.4.1_02\ ;-) Note: The keytool will create the keystore C:\projectname\lib\security\.keystore can be left off to default to the jdk keystore (java.home\lib\security\.keystore), but you really don't not want to mess with the jdk keystore and have to reinstall. Note: MAKE SURE you write down the passwords used. In this case ozziepassword.

The standard SDK documentation will have both the keytool and the jarsigner in them. They are a little hard to read though.

You should still get a dialog that will ask you if you trust this applet, because it has not been signed by a known Root Authority, but it is good enough for development. Pick 'yes always' and you will be good to go.